Layer7 API Management

  • Private Community

  • 1.  User access restriction to Policy manager

    Posted Sep 01, 2017 01:58 AM

    Hi All,

        Till now i have created my some unique user accounts for my team members and gave admin access to login Policy manager. But i observed there is an option called Certificate in after user creation template. I don't want the user to access my policy manager with by using just user credentials even though he/she has the admin privileges.

     

    I want to upload his/her certificate while creating the user account and then by using CN name only he would able to access.

     

    Could you please let me know how can i achieve this.

     

     

    Thanks&Regards

    Rajasekhar



  • 2.  Re: User access restriction to Policy manager

    Broadcom Employee
    Posted Sep 01, 2017 11:45 AM

    Hello Rajasekhar,

     

    Below is links to our documentation that I feel should cover your question.   One the user properties go to the certificate tab and click the Import button and then complete the Add Certificate Wizard.

     

    Creating a federated user: Creating a Federated User - CA API Gateway - 9.0 - CA Technologies Documentation 

    Federated user properties:  Federated User Properties - CA API Gateway - 9.0 - CA Technologies Documentation 



  • 3.  Re: User access restriction to Policy manager

    Posted Sep 04, 2017 12:15 AM

    Thank you.

     

    But i don't need to use Federated User. I am looking for using IIP(Internal Identity Provider) to restrict the user to use only CN for accessing the policy manager.

     

    How can i achieve this?

     

    Thanks&Regards

    Rajasekhar



  • 4.  Re: User access restriction to Policy manager
    Best Answer

    Broadcom Employee
    Posted Sep 04, 2017 03:57 AM

    Hello rajasekhar33,

     

    Simply just attach a certificate to your users in the IIP certificate properties tab.

     

    Just pay attention that, by default, certificate authentication will be prefered to login/password for authenticating via Policy Manager

     



  • 5.  Re: User access restriction to Policy manager

    Posted Sep 06, 2017 02:18 AM

    Hi Nicolas,

         I have created the certificate(PKCS12) format in policy manager and saved the certificate with .crt then tried to login with that certificate but it is giving me invalid certificate error.

     

        Could you please clarify me if i did anything wrong. I followed the below for creating the certificate.

     

        1. Logged in with user account --> Manage private keys --> Created and imported the private key and respected certificate to my local system

        2. Created the user under IIP and then imported the certificate into user account

        3. Logout policy manager from the user account

        4. Imported the certificate for using certificate to login policy manager but it failed.

     

    Thanks&Regards

    Rajasekhar



  • 6.  Re: User access restriction to Policy manager

    Posted Sep 06, 2017 02:34 AM

    Hi Nicolas,

       

          I fixed the issue. Initially the account was with different name and certificate CN name is different due to which i was unable to login by using certificate. Now i created with the same names.

     

          I can able to login successfully. Thanks for your help.

     

    Thanks&Regards

    Rajasekhar



  • 7.  Re: User access restriction to Policy manager

    Broadcom Employee
    Posted Sep 06, 2017 07:41 AM

    Glad to read that your issue is fixed rajasekhar33